17 matches found
GHSA-MW4X-G2X8-QCVF tree-kit vulnerable to Prototype Pollution
A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...
Design/Logic Flaw
A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...
CVE-2021-4278 cronvel tree-kit prototype pollution
A vulnerability classified as problematic has been found in cronvel tree-kit up to 0.6.x. This affects an unknown part. The manipulation leads to improperly controlled modification of object prototype attributes 'prototype pollution'. Upgrading to version 0.7.0 is able to address this issue. The...
PT-2022-11686 · Unknown · Cronvel Tree-Kit
Name of the Vulnerable Software and Affected Versions: cronvel tree-kit versions up to 0.6.x Description: A problematic vulnerability has been found, affecting an unknown part of the software. The issue leads to improperly controlled modification of object prototype attributes, also known as...
CVE-2022-25643
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname...
CVE-2021-41387
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...
CVE-2021-41387
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...
CVE-2021-41387
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...
CVE-2021-41387
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...
nginx 0.6.x < 1.20.1 1-Byte Memory Overwrite RCE
According to its Server response header, the installed version of nginx is 0.6.18 prior to 1.20.1. It is, therefore, affected by a remote code execution vulnerability. A security issue in nginx resolver was identified, which might allow an unauthenticated remote attacker to cause 1-byte memory...
CVE-2014-8132
Double free vulnerability in the sshpacketkexinit function in kex.c in libssh 0.5.x and 0.6.x before 0.6.4 allows remote attackers to cause a denial of service via a crafted kexinit packet...
CVE-2014-9351
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service crash via unspecified vectors...
nginx 0.6.x Code Execution
Exploit Title: nginx Arbitrary Code Execution NullByte Injection Date: 24/08/2011 Exploit Author: Neal Poole Vendor Homepage: http://nginx.org/ Software Link: https://launchpad.net/nginx/0.6/0.6.36/+download/nginx-0.6.36.tar.gz Version: 0.5., 0.6., 0.7 //file.ext%00.php or http:////file.ext/x00.p...
nginx 0.6.x,0.7.x,0.8<=0.8.57 文件解析错误
No description provided by source...
CVE-2006-0582
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors...
Code injection
Unspecified vulnerability in rshd in Heimdal 0.6.x before 0.6.6 and 0.7.x before 0.7.2, when storing forwarded credentials, allows attackers to overwrite arbitrary files and change file ownership via unknown vectors...
CVE-2004-0371
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path...